<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
	<title>Joomla! Tools Suite - Help!</title>

	<style>
	  body, table { font-family: arial; font-size: 12px; }
	  th { font-family: arial; font-size: 14px; font-weight: bold; border: 1px solid #C0C0C0; background-color: #F3F3F3; }
	  blockquote { width: 500px; padding: 10px 10px 10px 80px; margin: 15px 0; background: #F3F3F3 url(images/blockquote.png) 0 0 no-repeat; border-bottom: 1px solid #C0C0C0; }
	  div { padding-left: 50px; }
	  div.main { align: center; width: 750px; }
	  .help h1 { font-size: 15px; font-weight: bold; color: #c64934; padding: 10px 10px 4px 0px; text-align: left; border-bottom: 1px solid #c64934; margin-bottom: 10px; }
	</style>

</head>

<body>


<div class="main">
<p align="center">
<div class="help">

<h1>What Are JTS and HISA?</h1><br />
<p>
The Joomla! forums see many posts regarding Installation or Performance issues, Permissions and Security questions. To assist with such questions and to highlight many of the common problems seen the following tools have been developed to help end-users and the Joomla! Working Group Teams quickly and efficiently resolve these issues in the fastest time possible with the least amount of effort.
</p>

<p>
<strong>Joomla! Tools Suite</strong> (JTS) and <strong>Joomla! Health, Installation, Security Audit</strong> (HISA) have been developed with the sole purpose of providing Joomla! end-users with a Self-Help Advice and Information system.
</p>

<ol>
  <li>
    <strong>Pre-Joomla! Installation Server Environment Audit</strong><br />
    <em>Before you install Joomla! check if your server is likely to support it fully or if your environment may need some modification</em>
  </li>
  <li>
    <strong>Post-Joomla! Installation Server Environment Audit</strong><br />
	<em>Following the installation of Joomla! keep your installation functioning and optimal with a variety of maintenance tools</em>
  </li>
  <li>
    <strong>Trouble-Shooting and Problem Resolution</strong><br />
    <em>Obtain additional diagnostic and configuration information to aid or speed up the process of problem resolution</em>
  </li>
</ol>

<br />

<table style="border-collapse: separate;" width="90%" cellspacing="0" cellpadding="2" border="0" align="center">
<tbody>
  <tr>
    <th width="46%">Joomla! HISA</th>
	<td>&nbsp;</td>
	<th width="46%">Joomla! Tools Suite</th>
  </tr>
  <tr>
    <td width="46%" valign="top">
	<div style="float: left; padding: 10px; margin: 6px;">
	<img align="left" src="images/hisa.gif" width="102" height="32" alt="Joomla! HISA">
	</div>
    Designed with the Joomla! New User in mind, HISA is a single self-contained, all-in-one Audit facility, providing information that
will assist you to determine if your hosting environment is suitable for Joomla!, what might be done to improve your change of a successful
installation, all prior to installation. Allowing you the opportunity to ask questions before getting frustrated or disappointed. No installation requirement, simply upload the Joomla! HISA file to your proposed or current Joomla! directory and open it in your browser.
    </td>
	<td>&nbsp;</td>
	<td width="46%" valign="top">
    <div style="float: left; padding: 10px; margin: 6px;">
	<img align="left" src="images/jts.gif" width="98" height="60" alt="Joomla! Tools Suite">
	</div>
	JTS on the other hand has been designed with a more advanced series of Diagnostic and Maintenance Tools, including the HISA tool-set. Tools range from Pre-Installation environment checks, Post-Installation environment auditing, File and Directory permissions, extension auditing to DataBase optimisation and maintenance. Still maintaining ease of installation and use, simply make a directory within your Joomla! installation folder, upload the files and open in your browser again.
    </td>
  </tr>
  <tr>
    <td width="46%" valign="top" align="center"><a target="_new" href="http://joomlacode.org/gf/project/hisa/">Download HISA Here</a></td>
	<td align="center">&nbsp;</td>
	<td width="46%" valign="top" align="center"><a target="_new" href="http://joomlacode.org/gf/project/jts/">Download JTS Here</a></td>
  </tr>
  <tr>
    <td colspan="3">&nbsp;</td>
  </tr>
  <tr>
    <td width="46%" valign="top">
	  <strong><u>Language Support</u></strong><br />
        &nbsp; English<br />
        &nbsp; Finnish<br />
        &nbsp; Swedish<br />
        &nbsp; German<br />
    </td>
	<td width="8%">&nbsp;</td>
	<td width="46%" valign="top">
      <strong><u>Language Support</u></strong><br />
        &nbsp; English<br />
        &nbsp; Finnish<br />
        &nbsp; Swedish<br />
        &nbsp; German<br />
        &nbsp; Hungarian<br />
        &nbsp; Hungarian (Informal)<br />
        &nbsp; French<br />
        </td>
  </tr>
</tbody>
</table>
</div>


<div class="help">
<h1>What Do JTS and HISA Actually Do?</h1><br />

<h4>Joomla! Health, Installation and Security Audit (HISA)</h4>
<div align="left">
Based on the server and end-user hosting account configuration variables an assessment is completed, providing feedback regarding the possibility of installation success if prior to installing Joomla! alternatively, following Joomla! installation, reporting on possible problematic configuration issues.
<br /><br />
  High security risk items severely penalise the assessment scale, whilst minor inconsistencies will only reduce the assessment scale by small increments. The Health Check report will make recommendations and suggestions on how to possibly resolve such issues.
</div>

<br /><br />

<div align="left">
  <blockquote>
    <strong>Initial Installation Audit</strong><br />
      &nbsp; Success Assessment scale<br />
      &nbsp; Latest Joomla! v1.x release<br />
      &nbsp; Non "Stable" version notification<br />
      &nbsp; High security risk notification<br />
  </blockquote>
<br />
  <blockquote>
    <strong>General Environment Audit</strong><br />
      &nbsp; <strong>Host information</strong><br />
      &nbsp;&nbsp;&nbsp; Platform<br />
      &nbsp;&nbsp;&nbsp; Architecture<br />
      &nbsp;&nbsp;&nbsp; Operating System<br />
      &nbsp;&nbsp;&nbsp; IP Address<br />
<br />
      &nbsp; <strong>Web-Server version</strong><br />
      &nbsp;&nbsp;&nbsp; Port<br />
      &nbsp;&nbsp;&nbsp; Configuration environment<br />
<br />
      &nbsp; <strong>PHP version</strong><br />
      &nbsp;&nbsp;&nbsp; Enabled common extensions<br />
<br />
      &nbsp; <strong>MySQL version</strong><br />
      &nbsp;&nbsp;&nbsp; Connection method<br />
<br />
      &nbsp; <strong>Joomla! Configuration</strong><br />
      &nbsp;&nbsp;&nbsp; Online/Offline status<br />
      &nbsp;&nbsp;&nbsp; Live Site details<br />
      &nbsp;&nbsp;&nbsp; Configured/Actual Absolute Path<br />
      &nbsp;&nbsp;&nbsp; .htaccess use<br />
      &nbsp;&nbsp;&nbsp; Cache settings<br />
      &nbsp;&nbsp;&nbsp; SEF settings<br />
  </blockquote>
<br />
  <blockquote>
    <strong>Standard Joomla! Pre-Installation Checks</strong><br />
      &nbsp; <strong>Extension Support</strong><br />
      &nbsp;&nbsp;&nbsp; zlib support<br />
      &nbsp;&nbsp;&nbsp; XML support<br />
      &nbsp;&nbsp;&nbsp; MySQL support<br />
      &nbsp;&nbsp;&nbsp; Save Session Path status<br />
<br />
      &nbsp; <strong>Security Settings</strong><br />
      &nbsp;&nbsp;&nbsp; Joomla! RG_EMULATION status<br />
      &nbsp;&nbsp;&nbsp; PHP register_globals status<br />
<br />
      &nbsp; <strong>Recommended Settings</strong><br />
      &nbsp;&nbsp;&nbsp; Safe Mode status<br />
      &nbsp;&nbsp;&nbsp; Display Errors status<br />
      &nbsp;&nbsp;&nbsp; File Uploads status<br />
      &nbsp;&nbsp;&nbsp; Magic Quotes GPC status<br />
      &nbsp;&nbsp;&nbsp; Magic Quotes Runtime status<br />
      &nbsp;&nbsp;&nbsp; Output Buffering status<br />
      &nbsp;&nbsp;&nbsp; Session Auto Start status<br />
<br />
      &nbsp; <strong>Directory and File Mode Check</strong><br />
  </blockquote>
</div>

<br /><br />

<h4>Joomla! Diagnostic</h4>
<div align="left">
A "hash" comparison of the installed Joomla! files and the original Joomla! Distribution release files is performed. The Diagnostic report
provides feedback of changed, missing or potentially corrupt files within the Joomla! installation allowing the end-user to determine if there are potentially going to be installation problems if run prior to completing the Web-Installer or possibly solving post installation issues caused by FTP upload corruption or unauthorised modification of core files and potential security risks associated with poorly coded extensions allowing direct access to content or scripts.
</div>
<br /><br />

<div align="left">
  <blockquote>
    <strong>Standard Checks Performed</strong><br />
      &nbsp; <strong>Security Status</strong><br />
      &nbsp;&nbsp;&nbsp; register_globals setting<br />
      &nbsp;&nbsp;&nbsp; RG_EMULATION setting<br />
<br />
      &nbsp; <strong>Missing Files</strong><br />
<br /> 
      &nbsp; <strong>Corrupt or Modified Files</strong><br />
<br />
      &nbsp; <strong>Misisng Direct Access Validation</strong><br />
  </blockquote>
</div>

<h4>Custom Joomla! Diagnostic</h4>
<div align="left">
<b>Custom Hash Generation</b><br />
The "Hash Generation" utility provides the capability to build a Hash file of the current production Joomla! site as it is installed today. This new "Custom" Hash will not only include the Joomla! Core files, but will also include any files installed by Joomla! extensions. This new Hash contains information on the site at a known point in time and can now be compared against the current site to determine if any changes have occured since the last Hash was generated.<br /><br />

<b>Custom Joomla! Diagnostic</b><br />
In addition to the standard Joomla! Diagnostic highliting files that have been modified or deleted, the new "Custom J!D" report also has the ability to highlite new files that may have been uploaded or added since the last hash was generated, providing a central focal point for "Change Management" and the detection of possible exploit or intrusion of a Joomla! site. Following the Generation of your "Custom" Hash, running "Custom J!D" from the menu will now use the newly created custom hash file instead of the standard Joomla! Core hash files.  Joomla! Core Files may still be compared from the standard integrated Joomla! Diagnostic option.<br /><br />

<i>The "Custom Hash Utility" should be capable of handling Joomla! sites of any version/release/dev status/language or with core hacks due to not using the standard core file structure hash, including current and future v1.5 releases.</i>
</div>
<br /><br />

<div align="left">
  <blockquote>
    <strong>Standard Checks Performed</strong><br />
      &nbsp; <strong>Security Status</strong><br />
      &nbsp;&nbsp;&nbsp; register_globals setting<br />
      &nbsp;&nbsp;&nbsp; RG_EMULATION setting<br />
<br />
      &nbsp; <strong>Unexpected New and Uploaded Files</strong><br />
<br />
      &nbsp; <strong>Missing Files</strong><br />
<br /> 
      &nbsp; <strong>Corrupt or Modified Files</strong><br />
<br />
      &nbsp; <strong>Missing Direct Access Validation</strong><br />
  </blockquote>
</div>

<br /><br />
<h4>Permissions Auditing</strong></h4>
<div align="left">
Permissions auditing provides the end-user with a comprehensive view of all Directories and Files within the Joomla! installation, including their ownership, current pemrissions mode and Web-Server accessibility and Write capability.
<br /> <br />
  Working on the assumption of 755 for Directories and 644 for Files as the permissions base and being the generally accepted best practice,
the Joomla! Tools Suite Permissions Audit report will determine and highlight any permissions not below these modes in the following manner;
</div>
<br /><br />

<div align="left">
  <blockquote>
    <strong>Directories and Files</strong><br />
      &nbsp; <font color="#009933">Green</font>&nbsp;&nbsp;&nbsp; Generally sane and acceptable<br />
      &nbsp; <font color="#0000cc">Blue</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Elevated pemrissions but could still be acceptable<br />
      &nbsp; <font color="#ff0000">Red</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; World-Writable, potential of a security exposure<br />
	  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
	  ( <font size="1" color="#ff0000"><span style="background-color: rgb(255, 255, 0);">name also highlighted yellow</span></font> )<br />
<br />
    <strong> Files Only</strong><br />

    &nbsp; <font color="#ff0000">Warning Triangle</font> : Potentially suspect file found<br />
	&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
	(<font size="1"> .pl, .cgi, .zip, .tar, .tar.gz, these should be investigated </font>)<br />
    &nbsp; Size and Last Modified Date<br />
  </blockquote>
</div>

<br /><br />

<h4>Extensions Auditing</strong></h4>
<div align="left">
This section of JTS provides feedback to the end-user relating to currently installed Components, Modules and Mambots, the report includes Name, Version/Release, author contact details and a description of its purpose. To assist with security management and control each extension is colour coded to differentiate between Joomla! Core extensions and 3rd Party Developer extensions.<br />
</div>
<br /><br />

<div align="left">
  <blockquote>
    <strong>Extension Differentiation </strong><br />
    &nbsp; <font color="#009933">Green</font>&nbsp;&nbsp;&nbsp; Joomla! Core extension<br />
    &nbsp; <font color="#ff0000">Red</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 3rd Party supplied extension<br />
  </blockquote>
</div>

<br /><br />

<h4>DB Maintenance</strong></h4>
<div align="left">
Providing a simple interface in to the Health of the Joomla! Database, the JTS DB Maintenance routine initially provides the end-user with details of MySQL backend connection and performs a database table-space Health and Status check and Stale Sessions check. There is also provision made for the end-user to immediately attempt a table repair, clear Stale Sessions and subsequently "Optimise" the Joomla! tables, cleaning up allocated but unused space potentially improving the perfomance of the database and thus the Joomla! Web Site in the front-end.<br />

<br />
DB Maintenance automatically runs a table-space health check, confirming that all the standard required Joomla! tables are present, readable and useable. Any errors found during these checks will be highlighted in red, if required and possible, DB Maintenance will attempt to repair any damaged or corrupt Joomla! core tables. The #__session table is also checked for Stale Sessions, displaying all current entries and highlighting those that are stale based on the $mosConfig_lifetime variable in configuration.php.<br /> 

<br />
Selecting the "Optimise Now" button will activate the Database Optimisation routines of MySQL and is not run automatically when entering this section of JTS. <em>Database Optimisation should only be run during quiet or offline periods to avoid the potential to effect front-end performance or possibility of table corruption.</em><br />
</div>

<br /><br />

</div>


</div>

</body>
</html>
